[iwar] [fc:User.group.calls.for.Anti-Virus.early.warning.alert]

From: Fred Cohen (fc@all.net)
Date: 2001-09-28 16:12:41


Return-Path: <sentto-279987-2500-1001718762-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 28 Sep 2001 16:14:08 -0700 (PDT)
Received: (qmail 16928 invoked by uid 510); 28 Sep 2001 23:12:56 -0000
Received: from n8.groups.yahoo.com (216.115.96.58) by 204.181.12.215 with SMTP; 28 Sep 2001 23:12:56 -0000
X-eGroups-Return: sentto-279987-2500-1001718762-fc=all.net@returns.onelist.com
Received: from [10.1.1.222] by fk.egroups.com with NNFMP; 28 Sep 2001 23:12:42 -0000
X-Sender: fc@big.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_4_1); 28 Sep 2001 23:12:41 -0000
Received: (qmail 19622 invoked from network); 28 Sep 2001 23:12:41 -0000
Received: from unknown (10.1.10.142) by 10.1.1.222 with QMQP; 28 Sep 2001 23:12:41 -0000
Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 28 Sep 2001 23:12:41 -0000
Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id QAA17506 for iwar@onelist.com; Fri, 28 Sep 2001 16:12:41 -0700
Message-Id: <200109282312.QAA17506@big.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 28 Sep 2001 16:12:41 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:User.group.calls.for.Anti-Virus.early.warning.alert]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit

User group calls for Anti-Virus early warning alert 
By John Leyden, The Register, 9/28/2001
<a href="http://www.theregister.co.uk/content/56/21927.html">http://www.theregister.co.uk/content/56/21927.html>

A grassroots organisation representing the interests of corporate users
has received a frosty welcome from the anti-virus community.  Avien.org,
which was represented by IT admins from Boeing, Ford and KPMG during a
keynote presentation at Virus Bulletin yesterday, generated mutterings
of discontent by stating that early warning alerts could pick up the
spread of dangerous viruses three hours before vendors.  Together Avien
represents firms with three million PCs, so it carries a lot of clout. 

Avien provides a forum for end users to share experiences, product
issues and, most importantly, early warnings (EWS) alerts on possible
viruses. 

On the face of it Avien's wish list for anti-virus products that work in
the real world, an end to vendor-squabbling and specific product
improvements on management and automatic detection (among others) seem
eminently reasonable.  In most sub-sectors of the IT industry their
requests would be closely listened to, and likely heeded.  But this is
the anti-virus market, where the vendors know best and customer
requirements (according to members of Avien we talked to) can sometimes
be secondary. 

Questions from anti-virus vendors showed they were uncomfortable with
welcoming Avien into the community, which an industry delegate we spoke
to freely admitted was "closed" and "Masonic". 

No AV vendors are allowed to become members (though a handful subscribe
to the early warning alerts).  This decision generated some plaintive
questions, even though wider vendor membership would (at the least)
stymie debate. 

A representative from Symari, which specialises in scanning messaging
systems for viruses, said that the custom for vendors is to issue alerts
only when product fixes are in place. 

Avien members argue that this is an outdated view because even limited
information on email-borne worms would allow firms to carry out
filtering operations, an approach applied with success by Avien members
hours before updates to detect the Nimda worm were available.  ®


------------------------ Yahoo! Groups Sponsor ---------------------~-->
Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide!
http://us.click.yahoo.com/yQix2C/33_CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:51 PDT